From nobody Tue May 7 06:26:27 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97411+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97411+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1671073349; cv=none; d=zohomail.com; s=zohoarc; b=fmud3pvT/oQD2c2sLeo7Au31zzQuoOj1bqUygK7epfA+W5pEizaD6CiR1pKtnHjPDYqYzc7TOQOPCTz+gSB/19yheb+FSVFhjgvl6snwHY53KIgXlBL1ZU6G8oOhLgThUKpruDUz6F6/jCR9NptY4evSf+xi6Bs6Q0VSMLLQnes= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1671073349; h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=CLP/u8yIFhxMqfdJ6i8JL1UCuwfyw93OkXGo4pAeNRk=; b=QoEnHR+XpT6CV/FePUcwgYAEh4EqYRDOfUHmkEfE2I0PwAl/MkTU5T4x17zQDcG8Q5oVbGQBxUytihsvLc5XSZXo/flaStJhHhAXcspkvWI+5AEDAsePnILdRWeDjYFHwDXk/nc1Z2x6fUrLyV2jJtSkMCWLzfWrdlmPc6FRZaw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97411+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1671073349796826.1297222209071; Wed, 14 Dec 2022 19:02:29 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ptGnYY1788612xJ6XqJACpVA; Wed, 14 Dec 2022 19:02:29 -0800 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web10.124087.1671073348670631659 for ; Wed, 14 Dec 2022 19:02:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10561"; a="298247364" X-IronPort-AV: E=Sophos;i="5.96,246,1665471600"; d="scan'208";a="298247364" X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Dec 2022 19:02:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10561"; a="756163619" X-IronPort-AV: E=Sophos;i="5.96,246,1665471600"; d="scan'208";a="756163619" X-Received: from shwdeopensfp777.ccr.corp.intel.com ([10.239.158.70]) by fmsmga002.fm.intel.com with ESMTP; 14 Dec 2022 19:02:26 -0800 From: "Wang, Jian J" To: devel@edk2.groups.io Cc: Jiewen Yao , Michael D Kinney , Nishant C Mistry , Judah Vang Subject: [edk2-devel] [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib Date: Thu, 15 Dec 2022 11:02:23 +0800 Message-Id: <20221215030223.899-1-jian.j.wang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,jian.j.wang@intel.com X-Gm-Message-State: qHiAh1HJ062clOGna6tgPCKCx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1671073349; bh=8E1VtcpuZuMpSmkqje3Z75XXK2vSQr7aHwdP16L6DI8=; h=Cc:Date:From:Reply-To:Subject:To; b=N7exd2FJ2frYFy1YlWCIq/m+xnWZFQK6V+FCaJ/2Spa0al9CU14auDU1O/uZ4rRGXBv B/yjbqxuCEjz7p3w6V11lXffnRYNWlawxG7pZMJ0ZQDL5F/CGROetN767gUKQvAUlK1tJ DyOLI47j7M5/9jBIh3WVvlESs2sLqTIpn1Q= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1671073351567100001 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2594 There's no real usage of these two libraries. They're deprecated. Cc: Jiewen Yao Cc: Michael D Kinney Cc: Nishant C Mistry Cc: Judah Vang Signed-off-by: Jian J Wang Acked-by: Michael D Kinney Reviewed-by: Jiewen Yao --- SecurityPkg/Include/Library/RpmcLib.h | 42 ------------ SecurityPkg/Include/Library/VariableKeyLib.h | 59 ----------------- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 ------------- .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ---------- .../VariableKeyLibNull/VariableKeyLibNull.c | 66 ------------------- .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ---------- SecurityPkg/SecurityPkg.dec | 8 --- SecurityPkg/SecurityPkg.dsc | 4 -- 8 files changed, 291 deletions(-) delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.c delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.inf diff --git a/SecurityPkg/Include/Library/RpmcLib.h b/SecurityPkg/Include/Li= brary/RpmcLib.h deleted file mode 100644 index df4ba34ba8..0000000000 --- a/SecurityPkg/Include/Library/RpmcLib.h +++ /dev/null @@ -1,42 +0,0 @@ -/** @file - Public definitions for the Replay Protected Monotonic Counter (RPMC) Lib= rary. - -Copyright (c) 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#ifndef _RPMC_LIB_H_ -#define _RPMC_LIB_H_ - -#include - -/** - Requests the monotonic counter from the designated RPMC counter. - - @param[out] CounterValue A pointer to a buffer to store the= RPMC value. - - @retval EFI_SUCCESS The operation completed successful= ly. - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter. - @retval EFI_UNSUPPORTED The operation is un-supported. -**/ -EFI_STATUS -EFIAPI -RequestMonotonicCounter ( - OUT UINT32 *CounterValue - ); - -/** - Increments the monotonic counter in the SPI flash device by 1. - - @retval EFI_SUCCESS The operation completed successful= ly. - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter. - @retval EFI_UNSUPPORTED The operation is un-supported. -**/ -EFI_STATUS -EFIAPI -IncrementMonotonicCounter ( - VOID - ); - -#endif diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h b/SecurityPkg/Inc= lude/Library/VariableKeyLib.h deleted file mode 100644 index 561ebad09d..0000000000 --- a/SecurityPkg/Include/Library/VariableKeyLib.h +++ /dev/null @@ -1,59 +0,0 @@ -/** @file - Public definitions for Variable Key Library. - -Copyright (c) 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#ifndef _VARIABLE_KEY_LIB_H_ -#define _VARIABLE_KEY_LIB_H_ - -#include - -/** - Retrieves the key for integrity and/or confidentiality of variables. - - @param[out] VariableKey A pointer to pointer for the variabl= e key buffer. - @param[in,out] VariableKeySize The size in bytes of the variable ke= y. - - @retval EFI_SUCCESS The variable key was returned. - @retval EFI_DEVICE_ERROR An error occurred while attempting= to get the variable key. - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface. - @retval EFI_UNSUPPORTED The variable key is not supported = in the current boot configuration. -**/ -EFI_STATUS -EFIAPI -GetVariableKey ( - OUT VOID **VariableKey, - IN OUT UINTN *VariableKeySize - ); - -/** - Regenerates the variable key. - - @retval EFI_SUCCESS The variable key was regenerated s= uccessfully. - @retval EFI_DEVICE_ERROR An error occurred while attempting= to regenerate the key. - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface. - @retval EFI_UNSUPPORTED Key regeneration is not supported = in the current boot configuration. -**/ -EFI_STATUS -EFIAPI -RegenerateVariableKey ( - VOID - ); - -/** - Locks the regenerate key interface. - - @retval EFI_SUCCESS The key interface was locked succe= ssfully. - @retval EFI_UNSUPPORTED Locking the key interface is not s= upported in the current boot configuration. - @retval Others An error occurred while attempting= to lock the key interface. -**/ -EFI_STATUS -EFIAPI -LockVariableKeyInterface ( - VOID - ); - -#endif diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Li= brary/RpmcLibNull/RpmcLibNull.c deleted file mode 100644 index 792e48250e..0000000000 --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c +++ /dev/null @@ -1,46 +0,0 @@ -/** @file - NULL RpmcLib instance for build purpose. - -Copyright (c) 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include - -/** - Requests the monotonic counter from the designated RPMC counter. - - @param[out] CounterValue A pointer to a buffer to store the= RPMC value. - - @retval EFI_SUCCESS The operation completed successful= ly. - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter. - @retval EFI_UNSUPPORTED The operation is un-supported. -**/ -EFI_STATUS -EFIAPI -RequestMonotonicCounter ( - OUT UINT32 *CounterValue - ) -{ - ASSERT (FALSE); - return EFI_UNSUPPORTED; -} - -/** - Increments the monotonic counter in the SPI flash device by 1. - - @retval EFI_SUCCESS The operation completed successful= ly. - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter. - @retval EFI_UNSUPPORTED The operation is un-supported. -**/ -EFI_STATUS -EFIAPI -IncrementMonotonicCounter ( - VOID - ) -{ - ASSERT (FALSE); - return EFI_UNSUPPORTED; -} diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf b/SecurityPkg/= Library/RpmcLibNull/RpmcLibNull.inf deleted file mode 100644 index 500edfa87d..0000000000 --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf +++ /dev/null @@ -1,33 +0,0 @@ -## @file -# Provides Null version of RpmcLib for build purpose. -# -# Copyright (c) 2020, Intel Corporation. All rights reserved.
-# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Defines] - INF_VERSION =3D 0x00010029 - BASE_NAME =3D RpmcLibNull - FILE_GUID =3D FAE0BA22-92E2-4334-8F0F-96AFF9BAE360 - MODULE_TYPE =3D BASE - VERSION_STRING =3D 1.0 - LIBRARY_CLASS =3D RpmcLib - -# -# The following information is for reference only and not required by the = build tools. -# -# VALID_ARCHITECTURES =3D IA32 X64 Arm AArch64 -# - -[Sources] - RpmcLibNull.c - -[Packages] - MdePkg/MdePkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - BaseLib - DebugLib - diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/= SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c deleted file mode 100644 index a08def767b..0000000000 --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c +++ /dev/null @@ -1,66 +0,0 @@ -/** @file - Null version of VariableKeyLib for build purpose. Don't use it in real p= roduct. - -Copyright (c) 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ -#include -#include - -/** - Retrieves the key for integrity and/or confidentiality of variables. - - @param[out] VariableKey A pointer to pointer for the variabl= e key buffer. - @param[in,out] VariableKeySize The size in bytes of the variable ke= y. - - @retval EFI_SUCCESS The variable key was returned. - @retval EFI_DEVICE_ERROR An error occurred while attempting= to get the variable key. - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface. - @retval EFI_UNSUPPORTED The variable key is not supported = in the current boot configuration. -**/ -EFI_STATUS -EFIAPI -GetVariableKey ( - OUT VOID **VariableKey, - IN OUT UINTN *VariableKeySize - ) -{ - ASSERT (FALSE); - return EFI_UNSUPPORTED; -} - -/** - Regenerates the variable key. - - @retval EFI_SUCCESS The variable key was regenerated s= uccessfully. - @retval EFI_DEVICE_ERROR An error occurred while attempting= to regenerate the key. - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface. - @retval EFI_UNSUPPORTED Key regeneration is not supported = in the current boot configuration. -**/ -EFI_STATUS -EFIAPI -RegenerateVariableKey ( - VOID - ) -{ - ASSERT (FALSE); - return EFI_UNSUPPORTED; -} - -/** - Locks the regenerate key interface. - - @retval EFI_SUCCESS The key interface was locked succe= ssfully. - @retval EFI_UNSUPPORTED Locking the key interface is not s= upported in the current boot configuration. - @retval Others An error occurred while attempting= to lock the key interface. -**/ -EFI_STATUS -EFIAPI -LockVariableKeyInterface ( - VOID - ) -{ - ASSERT (FALSE); - return EFI_UNSUPPORTED; -} diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf = b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf deleted file mode 100644 index ea74e38cf9..0000000000 --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf +++ /dev/null @@ -1,33 +0,0 @@ -## @file -# Provides Null version of VariableKeyLib for build only. -# -# Copyright (c) 2020, Intel Corporation. All rights reserved.
-# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Defines] - INF_VERSION =3D 0x00010029 - BASE_NAME =3D VariableKeyLibNull - FILE_GUID =3D 2B640ED8-1E6A-4516-9F1D-25910E59BC4A - MODULE_TYPE =3D BASE - VERSION_STRING =3D 1.0 - LIBRARY_CLASS =3D VariableKeyLib - -# -# The following information is for reference only and not required by the = build tools. -# -# VALID_ARCHITECTURES =3D IA32 X64 Arm AArch64 -# - -[Sources] - VariableKeyLibNull.c - -[Packages] - MdePkg/MdePkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - BaseLib - DebugLib - diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 7ecf9565d9..358b3dc543 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -80,14 +80,6 @@ # TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h =20 - ## @libraryclass Provides interfaces to access RPMC device. - # - RpmcLib|Include/Library/RpmcLib.h - - ## @libraryclass Provides interfaces to access variable root key. - # - VariableKeyLib|Include/Library/VariableKeyLib.h - ## @libraryclass Provides interfaces about firmware TPM measurement. # TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 30d911d8a1..2f679c87a9 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -68,8 +68,6 @@ TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi= b.inf TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi= b.inf ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSyst= emLibNull.inf - VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull= .inf - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLo= gRecordLib.inf MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibN= ull.inf SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo= otVariableLib.inf @@ -264,8 +262,6 @@ # # Variable Confidentiality & Integrity # - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectio= nLibVarPolicy.inf =20 # --=20 2.36.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97411): https://edk2.groups.io/g/devel/message/97411 Mute This Topic: https://groups.io/mt/95682092/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-